package com.security.demo0928.controller;


import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * security测试controller
 * @date 2020/9/28 15:06
 */
@Controller
public class HelloController {


    /**
     * 都可以访问
     * @return
     */
    @RequestMapping({"/","/index"})
    public String index(){
        return "index";
    }

    /**
     * 需要user才能访问
     * @param authentication
     * @return
     */
    @RequestMapping("/user")
    public String user(Authentication authentication){
        System.out.println(authentication.getAuthorities());
        System.out.println(authentication.getName());
        return "user";
    }

    /**
     * 需要ROLE_ADMIN权限才能访问
     * @param authentication
     * @return
     */
    @RequestMapping("/admin")
    public String admin(Authentication authentication){
        System.out.println(authentication);
        return "admin";
    }

    /**
     * 并不是执行登录的controller，用来跳转到自定义的登录界面，真正的登录接口是由security来实现的。
     * @return
     */
    @RequestMapping("/toLogin")
    public String login(){
        return "login";
    }

}
